Future Changes to EAV

Discussion in 'ESET NOD32 Antivirus' started by Blackspear, Jan 20, 2008.

  1. karlisi

    karlisi Registered Member

    Joined:
    Apr 7, 2011
    Posts:
    68
    Location:
    Latvia
    About exclusions.
    I think ESET is doing right, not including MS recommended exclusions in default policy. If you read MS KB, they warn you: We do not recommend this workaround but are providing this information so that you can implement this workaround at your own discretion. Use this workaround at your own risk. So, it is by you to decide.
     
  2. Reedmikel

    Reedmikel Registered Member

    Joined:
    Dec 30, 2011
    Posts:
    185
    Exclusions (cont'd):

    Karlisi - that's normal Microsoft legalese that their lawyers make them add (much like their hot fixes) :) The same KB article also says:

    When you scan these files, performance and operating system reliability problems may occur because of file locking.


    Again, I suggested this could be added as an optional (check box to enable/disable) policy setting, so that those admins that choose to be blind to potential performance issues can remain so by leaving these MS recommended exclusions disabled...

    Having worked with many AV products, the fact that many of them do exclude certain files tells me there is likely a good reason to do so.
     
  3. Reedmikel

    Reedmikel Registered Member

    Joined:
    Dec 30, 2011
    Posts:
    185
    EAV BE: show progress of scans on console (EWAC)

    It would be very helpful to see how a scan is progressing when viewed at the console (ERAC). I recently switched from GFI's VIPRE product and their console did show progress in 20% increments. I would think this would be relatively easy to do since the machine is frequently checking in with the ERAS. Why not pass some scan progress data to ERAS periodically?
     
  4. jpresto

    jpresto Registered Member

    Joined:
    Nov 8, 2009
    Posts:
    2
    False positive alert feed

    We've seen a few false positives hit this week. I'm sure you have a response procedure, it would be incredibly helpful if ESET could incorporate some sort of rss or twitter feed that is immediately updated when these are identified - at least then we can manage the alerts quickly and potentially avoid damaging users systems/servers.
     
  5. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Re: False positive alert feed

    Add your suggestion here or per usual here
     
  6. SmackyTheFrog

    SmackyTheFrog Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    767
    Location:
    Lansing, Michigan
    Re: False positive alert feed

    I'd like to see something in the uninstall process of Business Edition where the client reports to its ERAS (if a connection is available) that the software was uninstalled which would be viewable in the management console instead of the current behavior of removing without attempting to send any notification.
     
  7. Reedmikel

    Reedmikel Registered Member

    Joined:
    Dec 30, 2011
    Posts:
    185
    I'll second SmackTheFrog's suggestion that client uninstalls (e.g. NOD32) be visible in ERAC. Be nice if an alert could be generated too using the Notification Manager tool.
     
  8. shaunwang

    shaunwang Registered Member

    Joined:
    Mar 26, 2006
    Posts:
    94
    Better Rootkit/TLD variant 1/2/3/4 Detection
    Improve Cleaning Capabilities ( Like DrWeb )
    HIPS improvement ( App/Registry monitoring , expand create a tablelist to set rules on these apps )
    GUI ( Make like v2.7 I found it much better lower footprint / lesser resources require No more groovy/funky design it just does not provide functional benefits )
     
  9. Ego_Dekker

    Ego_Dekker Registered Member

    Joined:
    Aug 22, 2010
    Posts:
    97
    Location:
    Russia
    Unfortunately, cleaning will be improved not earlier than in v9, but i hope for the best.
     
  10. Hagla007

    Hagla007 Registered Member

    Joined:
    Sep 13, 2009
    Posts:
    49
    I would like to suggest a form of "automatic gaming mode" which automatically switch Nod32 or ESS into game mode whenever it launch a game in fullscreen.
     
  11. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,330
    Gamer mode is already incorporated in v5 and is activated for full-screen applications automatically.
     
  12. Hagla007

    Hagla007 Registered Member

    Joined:
    Sep 13, 2009
    Posts:
    49
    No..? We have to manually enable the gamer mode before we play the/a game.
     
  13. karlisi

    karlisi Registered Member

    Joined:
    Apr 7, 2011
    Posts:
    68
    Location:
    Latvia
    Perhaps not exactly EAV feature. Ability to send notifications to workstations from ESET remote administration console. Currently this feature works only for mobile clients.
     
  14. coch

    coch Registered Member

    Joined:
    Mar 13, 2010
    Posts:
    8
    Not for me. In my case, v5 enables it automatically. There might be a preference that needs to be enabled for ESET to take care of it automatically though,I don't remember exactly.
    However it may be difficult to verify. Start a fullscreen game then ALT-Tab out of the game and look at the ESET tray icon, if you are quick enough you should see the icon turning from orange (gaming mode) to blue/green (normal mode). It might also be possible to verify this by sending the game in fullscreen mode to a secondary monitor and watching the activity of the ESET tray icon.
    I seem to remember one game for which this did not work, but it worked for all other games I tried so far.
     
  15. DooGie

    DooGie Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    112
    Would love to see a right click option on the tray icon to enable/disable gaming mode.
     
  16. hopetobe

    hopetobe Registered Member

    Joined:
    Sep 19, 2010
    Posts:
    34
    Can NOD automaticially & sliently block tracking cookies in next generation? Seldom do people use the "Inprivate mode" or know how to set up anti-tracking in various internet explorers. Those tracking cookies and other tracking componets are actually big security risks. More and more identity information of users is revealed by them rather than trojans! Blocking and removing such things is easy and convenient via eset antivirus. Eset, let you protect our digital world a little bit more !
     
  17. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,180
    Location:
    Managua, Nicaragua
    Add a Utility for recreate/reset OS settings such as:

    folder options
    registry tools
    task manager
    CMD prompt
    autorun/autoplay
    control panel
    logoff/shutdown
    internet options
    hidden files
     
  18. sangam

    sangam Registered Member

    Joined:
    Jan 26, 2007
    Posts:
    49
    Location:
    ahmedabad, india
    i very much agree with toxinon12345. the ability to reset these settings along with a linux live boot cd option with some essential utilities like partition managers, disk repair utilities etc. (the windows boot cd is a shame) will be a sure solution for all infected systems. no other AV vendor gives all these in one solution. i very strongly urge eset to consider this request.
     
    Last edited: Jun 9, 2012
  19. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    8,952
    I agree with this.
     
  20. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,143
    disagree - eset is formerly protection and prevention.
    repair or removal is futile when infected.
    recover with boot medium and rebuild OS from scratch.

    example
    latest rogue came with a java trojan - rogue is found, trojan was not found and still working. epic fail.
     
  21. Ego_Dekker

    Ego_Dekker Registered Member

    Joined:
    Aug 22, 2010
    Posts:
    97
    Location:
    Russia
    Therefore EAV hints us: “Unable to clean” and “Error while cleaning/deleting” Troll_face_white.png . In these cases, there are good free cleaning utilities like AVPTool or Dr.Web CureIt!
     
  22. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,330
    ESET's Windows products already repair crucial registry values that are modified by malware during the cleaning. Of course, an error cleaning a file can also occur when attempting to clean (delete) files on a write-protected medium / folder or if it's a detection of malware in memory while the actual file on the disk could not be located for some reason.
    Any issues with cleaning should be reported to ESET's Customer Care or viruslab, or simply report it here at Wilders' and enclose the appropriate record from the Threat log.
     
  23. Ego_Dekker

    Ego_Dekker Registered Member

    Joined:
    Aug 22, 2010
    Posts:
    97
    Location:
    Russia
    Suggestion: collect information about cleaning/deleting problems and submit it via ESET Live Grid to ESET's labs for further improvements. And update your removal tools as often as possible.
     
  24. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,180
    Location:
    Managua, Nicaragua
    SysInspector is an utility for assessment/logging/support (unrelated to detection/cleaning engines), this is an extra tool which can be downloaded through the website.

    In the same way, a tool for recreating OS settings (unrelated to detection/cleaning engines) could be downloaded through the website e.g. by administrators needing to switch some OS settings/policies to default.
     
  25. piperfect

    piperfect Registered Member

    Joined:
    Oct 25, 2009
    Posts:
    5
    Please get rid of the dash in usernames. I have installed Nod32 at least a thousand times and it irritates me every time that I have to enter a user name I have to click drag over the username instead of just double clicking to highlight the word. I had to install Nod32 on a system with a dodgy mouse today and I almost threw a temper tantrum.